top of page

Privacy & Data Protection Policy

1. Introduction

The Beeches Golf (“we”, “us”, “our”) is committed to protecting and respecting the privacy of everyone who interacts with us — whether as a member, visitor, customer, employee, or business contact. This policy sets out how we collect, use, store, and protect personal data, and explains the rights available to individuals under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to all personal data processed by The Beeches Golf, including data collected through our website, booking systems, membership processes, marketing communications, CCTV, and employment activities.

2. Who We Are

The Beeches Golf is the data controller responsible for your personal data. If you have any questions about this policy or how we handle your data, please contact us:​

  • Business name: The Beeches Golf (Ollerton Golf Centre Ltd)

  • Email: info@thebeechesgolf.com

  • Address: The Beeches Golf, Chelford Road, Ollerton, WA16 8SE

  • Phone: 01565 758230

3. What Personal Data We Collect

We collect and process a range of personal data depending on your relationship with us:

3.1 Members & Customers

  • Full name, date of birth, and gender

  • Contact details (address, email address, telephone number)

  • Membership details, booking history, and participation records

  • Payment information (processed securely via third-party payment providers — we do not store full card details)

  • Handicap information and golf performance data (where applicable)

  • Marketing preferences and communication history

Privacy Policy: Text

3.2 Website & Digital Visitors

  • IP address and browser/device information

  • Pages visited, time spent on site, and referral source (via cookies and analytics tools such as Google Analytics)

  • Contact form submissions and email enquiries

3.3 Employees & Job Applicants

  • Name, address, National Insurance number, and bank details

  • Employment history, references, and right-to-work documentation

  • Payroll, performance, and disciplinary records

  • Health information relevant to employment (where required by law)

3.4 CCTV

We operate CCTV cameras across our premises for security purposes. CCTV footage constitutes personal data and is handled in accordance with the ICO’s CCTV Code of Practice. Signage is displayed at all camera locations.

4. How We Use Your Personal Data

We use personal data for the following purposes:

5. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis for processing personal data. The bases we rely on include:

  • Contract – where processing is necessary to fulfil a membership agreement or booking

  • Consent – where you have freely given clear, specific, and informed consent (e.g. to receive marketing emails). You may withdraw consent at any time.

  • Legitimate Interests – where we have a genuine business reason that is not outweighed by your rights (e.g. CCTV security, website analytics, business communications)

  • Legal Obligation – where we are required to process data to comply with a legal duty (e.g. HMRC reporting, employee right-to-work checks)

6. Marketing Communications

We may use your contact details to send you information about our products, services, offers, and events that may be of interest to you. We do this by email, SMS, and social media where applicable.

You can opt out of marketing communications at any time by:

  • Clicking ‘unsubscribe’ in any marketing email

  • Contacting us directly at info@thebeechesgolf.com

  • Updating your preferences through our website or booking platform

Opting out of marketing will not affect any communications necessary for us to manage your membership or booking.

7. Data Sharing & Third Parties

We do not sell your personal data. We may share data with trusted third parties only where necessary:

  • Payment processors – to securely handle card transactions

  • IT and software providers – including booking and membership management systems

  • Email marketing platforms (e.g. Mailchimp) – to send newsletters and promotional content

  • Analytics providers (e.g. Google Analytics) – for website performance insights

  • Governing bodies – such as England Golf, where required for handicap or competition management

  • Legal and regulatory authorities – where required by law (e.g. HMRC, police)

All third-party processors are required to handle your data in line with UK GDPR and are subject to data processing agreements.

8. Data Retention

We retain personal data only for as long as is necessary for the purpose it was collected, or as required by law. Our retention periods include:

9. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you (Subject Access Request)

  • Right to rectification – to request correction of inaccurate or incomplete data

  • Right to erasure (‘right to be forgotten’) – to request deletion of your data in certain circumstances

  • Right to restrict processing – to ask us to limit how we use your data

  • Right to data portability – to receive your data in a structured, machine-readable format

  • Right to object – to object to processing based on legitimate interests or for direct marketing

  • Rights related to automated decision-making – not to be subject to solely automated decisions that significantly affect you

To exercise any of these rights, please contact us at info@thebeechesgolf.com. We will respond within one calendar month. There is no charge for making a request unless it is manifestly unfounded or excessive.

10. Data Security

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect against unauthorised access, loss, destruction, or alteration. These include:

  • Secure, password-protected systems with restricted staff access

  • SSL/TLS encryption on our website and online booking platforms

  • Regular staff training on data protection responsibilities

  • Physical security measures on-site including CCTV and access controls

  • Data minimisation – we only collect what is necessary

In the event of a personal data breach that poses a risk to individuals’ rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours and, where required, notify affected individuals without undue delay.

11. Cookies

Our website uses cookies to improve your browsing experience and help us understand how visitors use our site. Cookies are small text files stored on your device. We use:

  • Essential cookies – necessary for the website to function

  • Analytics cookies (e.g. Google Analytics) – to track usage patterns and improve our site

  • Marketing cookies – to track the effectiveness of paid advertising campaigns (e.g. Meta Pixel)

You can control or disable non-essential cookies through your browser settings or via our cookie consent banner. Please note that disabling cookies may affect website functionality.

12. Children’s Data

We do not knowingly collect personal data from children under the age of 13 without verifiable parental consent. Where children participate in activities at The Beeches Golf (e.g. junior golf programmes), we collect only the minimum necessary data from parents or guardians.

13. International Transfers

We primarily store and process data within the UK and European Economic Area (EEA). Where we use third-party platforms that may transfer data outside the UK/EEA (e.g. Mailchimp, Google), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions recognised under UK GDPR.

14. Complaints

If you are unhappy with how we have handled your personal data, please contact us in the first instance so we can try to resolve the matter.

You also have the right to lodge a complaint with the UK’s supervisory authority:

  • Information Commissioner’s Office (ICO)

  • Website: www.ico.org.uk

  • Helpline: 0303 123 1113

15. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. Any material changes will be communicated via our website or directly to affected individuals. The ‘Effective Date’ at the top of this document will be updated accordingly.

We recommend you review this policy periodically to stay informed about how we protect your data.

bottom of page